navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Insecure MS Visual C++ 2005

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Microsoft
And, this specific program:
Microsoft Visual C++ 2005 Redistributable Package (x86)

This thread has been marked as resolved.
PhilLeMion Insecure MS Visual C++ 2005
Member 6th Feb, 2011 21:33
Ranking: 0
Posts: 13
User Since: 21st Aug, 2009
System Score: N/A
Location: N/A
Message received: "Unable to find an appropriate web browser for this URL" It happens when I click on solution, on MS website link, or on Secunia Logo at top right corner of Dashboard.

Same web browser I've used for everything else. IE8 on Windows 7 64 bit.

Checked MS site and their scan says I'm up to date on everything. Confirmed by Belarc.

Irritating to get "99%" with no solution.

Otherwise Secunia is really a great program.

Post "RE: Insecure MS Visual C++ 2005" has been selected as an answer.
ddmarshall RE: Insecure MS Visual C++ 2005
Dedicated Contributor 6th Feb, 2011 21:44
Score: 1212
Posts: 968
User Since: 8th Nov 2008
System Score: 98%
Location: UK
Get the latest Visual C++ 2005 Redistributable by following the link in this article: http://support.microsoft.com/kb/2019667

You need the Service Pack 1 ATL Security Update.

--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+1
-0
PhilLeMion RE: Insecure MS Visual C++ 2005
Member 6th Feb, 2011 22:05
Score: 0
Posts: 13
User Since: 21st Aug 2009
System Score: N/A
Location: N/A
Followed your suggestion. Didn't find exact wording you show but downloaded the Security Pack for 2005 sp1. Rescanned = no change. Why message about "no browser" in Secunia? Wouldn't MS update pick up any missing security packs?

Sorry - still bewildered (and 1 insecure).
Was this reply relevant?
+0
-0
mogs RE: Insecure MS Visual C++ 2005
Expert Contributor 6th Feb, 2011 22:39
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Hello.
You probably need to close psi and re-boot for the change to register before re-scanning.....if you havn't already done so.
Have you recently moved to psi 2.0 ? Have you had a good read thro' the newer FAQ's ? Perhaps note 9 of same will help you here :-
http://secunia.com/vulnerability_scanning/personal...
Regards,


--
Was this reply relevant?
+1
-1
ddmarshall RE: Insecure MS Visual C++ 2005
Dedicated Contributor 6th Feb, 2011 23:49
Score: 1212
Posts: 968
User Since: 8th Nov 2008
System Score: 98%
Location: UK
I meant the link 'Visual C++ 2005 Service Pack 1 Redistributable Package ATL Security Update (x86, x64, and IA64)'. I suppose you followed that and selected the appropriate download - x86 for 32bit; x64 for 64bit.

For most purposes you are secure if Microsoft Update does not suggest any updates. The problem with the Secunia detection arises because the Microsoft Update does not replace all the files of the product. Downloading the complete package 'should' solve the problem.

Can you specify path and version that PSI is detecting to eliminate any other cause?

Mogs' link should solve the URL problem.


--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+1
-0
PhilLeMion RE: Insecure MS Visual C++ 2005
Member 7th Feb, 2011 05:37
Score: 0
Posts: 13
User Since: 21st Aug 2009
System Score: N/A
Location: N/A
Thanks for all of your help. PSI states that the software is there but there is a newer version. I've downloaded the one MS has on site plus the SP 1 for 64 bit. shutdown and turned back on - nothing. I'm not sufficient (or efficient) enough to get into the registry ("once burned"). How about uninstalling it? Will MS pick it up then and do the right thing?

Seems as if the PSI was smart enough to know it was wrong it should be able to, at least, get me to the right one.

This computer is only 4 days old. Just doesn't seem right somehow.

But .... thanks.


Was this reply relevant?
+0
-0
ddmarshall RE: Insecure MS Visual C++ 2005
Dedicated Contributor 7th Feb, 2011 11:18
Score: 1212
Posts: 968
User Since: 8th Nov 2008
System Score: 98%
Location: UK
You have two different problems. The URL error is not related to the Visual C++ problem. It will prevent you from using the PSI to download anything. It is caused by a problem with how your browsers are configured. Have you installed any browsers in addition to Internet Explorer? If you have more than one, try changing the default browser and then changing it back again. If you don't want to risk editing the Register, make sure that all the other settings are as suggested in the FAQs. A Secunia Official may be able to give you further advice.

As far as Visual C++ is concerned, this is not a component of Windows. It will be installed if a program developed with Visual C++ is installed. Uninstalling the redistributable will stop that program working. It will not necessarily be reinstalled if it is missing.
To help you further with this you need to give more information.
What is your operating system? It seems you may have Windows 7 64bit.
What is the installation path and version that Secunia is detecting? Click the + next to the program name in the scan results and post the information here.
You say you have downloaded from the Microsoft Download site. Have you also run the file which was downloaded?

--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+1
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
 
Secunia © 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+